NOTE: After further testing, it appears Jetpack is not the culprit. There is something wrong with my Virtue Theme. The theme itself is very slow to load for pages that aren’t WP Super Cache’d.
The past several days I noticed that the average CPU utilization on my Linode VPS has been steadily increasing. I ended up looking at the graphs and the trends have been a bit disconcerting.
I run OSSEC for intrusion detection and nothing was triggered. Subsequent manual checks on the server indicate no malware or rogue code or applications.
After a little bit of checking, I have come to hypothesis that it is a result of Jetpack for WordPress. The spike in the CPU graph is about in line with the last Jetpack update which I deployed on June 18.
Last night, I actually got a alert email from Linode indicating that my VPS was hitting 100% average for over two (2) hours. I hopped on the box and couldn’t figure out what was going on. I found one IP that was SYN scanning the host and hitting port 80 and 443 which could have been causing high httpd CPU usage.
Off the cuff, I decided to eliminate the SSL listener for httpd. I actually set this up several weeks ago, but it does an htaccess rewrite to the non-http port for any given URL for the actual document in question. After I turned off the httpd/ssl listener, the CPU load dropped back down significantly.
Although the load is still higher than the previous baselines.
I’m not sure if the Jetpack update (version 3.0.2) is having issues with the way I implemented httpd+mod_ssl and the htaccess rewrite rules. There is one item in the changelog regarding SSL:
* Bug Fix: Removed the SSL error on Jetpack Admin UI
So for now, I’m keeping SSL off since it’s not actually being used for anything.
Google research shows that other people are having high CPU usage issues with Jetpack, and it’s not a recent issue. I am going to have to keep looking for optimization solutions.